Disrupting Attack Paths: Why Tenable's Acquisition of Alsid Matters
This acquisition allows us to combine Tenable's ability to assess the state of the digital infrastructure with Alsid's ability to assess the state of Active Directory, helping security professionals answer the question: how secure are we?
Today, with great pride, I'm pleased to announce Tenable's acquisition of Alsid has been approved. Founded in 2016 by Emmanuel Gras and Luc Delsalle, former incident responders from the French National Cybersecurity Agency (ANSSI), Alsid represents the finest of French innovation: a pioneering technology solution which aims to resolve a critical cybersecurity challenge that has been top-of-mind for CISOs and IT leaders for over two decades. Exploiting user privileges via Active Directory is a favorite and predictable tactic used for everything from the most sophisticated compromises to the most quotidian hacks.
The majority of Alsid employees are based in Paris and our presence in France remains a priority for Tenable as we recognize the incredible pool of cybersecurity talent the country has to offer. We welcome Gras and Delsalle to the Tenable management team and we welcome the organization's talented professionals to team Tenable, where we'll work together to continue developing innovative solutions for Active Directory security.
While its roots are in France, Alsid's mission is decidedly global: 90% of the Fortune 1000 use Active Directory as their primary method of user authentication and authorization.
I've personally followed Alsid for some time now and I'm honored to welcome the company into the Tenable fold. Recent events, including the SolarWinds breach and the Microsoft Exchange hack, emphasize the need for Active Directory security. Successful breaches are followed by attacks on Active Directory to escalate privileges, move laterally, install malware, and exfiltrate data. Tenable's acquisition of Alsid positions us to not only enable our existing customer base to reduce cyber risk but also to help expand the potential market for this best-in-class technology. By combining Tenable's ability to assess the state of the digital infrastructure with Alsid's ability to assess the state of Active Directory, we give security professionals in even the most complex enterprise user environments a more holistic view of risk and the ability to predict which issues to fix first.
To that end, I'm pleased to introduce Tenable.ad, a new solution leveraging Alsid technology to secure Active Directory environments and disrupt one of the most common attack paths in both advanced persistent threats and common hacks.
By combining vulnerability and misconfiguration data, threat intelligence and account permissions, Tenable.ad offers users a risk-based, proactive approach to finding and fixing weaknesses in Active Directory. It detects ongoing attacks without the need to deploy agents or leverage privileged accounts.
With Tenable.ad, users can:
- Discover and map their entire Active Directory attack surface and identify vulnerabilities and misconfigurations as they are introduced
- Prioritize their remediation of Active Directory vulnerabilities and misconfigurations
- Detect and respond to Active Directory attacks and hunt for threats in the system
- Measure their Active Directory security posture and active threats at all times
Tenable.ad, now generally available, is a Software as a Service (SaaS) solution with an on-premises deployment option. Existing Alsid SaaS customers have the option of upgrading to Tenable.ad immediately.
Improving Active Directory security is the next critical step in Risk-based Vulnerability Management. By empowering organizations to prioritize their vulnerability management results based on the privileges afforded to each end-user in the system, we're effectively disrupting the attack paths hackers use to install malware, move laterally and exfiltrate data. With Tenable.ad, organizations around the world will be better prepared than ever to answer the critical question: How secure are we?
자세히 알아보기:
- Read the blog: Disrupting the Pervasive Attacks Against Active Directory and Identities
- Find out more about Tenable.ad here: https://www.tenable.com/products/tenable-ad
- Attend the webinar: Introducing Tenable.ad: Secure Active Directory and Disrupt Attack Paths
관련 기사
Cybersecurity Snapshot: CISA Shines Light on Cloud Security and on Hybrid IAM Systems’ Integration
March 15, 2024Check out CISA’s latest best practices for protecting cloud environments, and for securely integrating on-prem and cloud IAM systems. Plus, catch up on the ongoing Midnight Blizzard attack against Microsoft. And don’t miss the latest CIS Benchmarks. And much more!
Poor Identity Hygiene at Root of Nation-State Attack Against Microsoft
February 1, 2024The latest breach suffered by Microsoft shows once again that detection and response are not enough. Because the source of an attack almost always boils down to a single overlooked user and permission, it’s critical for organizations to have strong preventive security.
Cybersecurity Snapshot: What’s in Store for 2024 in Cyberland? Check Out Tenable Experts’ Predictions for OT Security, AI, Cloud Security, IAM and more
December 29, 2023The new year is upon us, and so we ponder the question: What cybersecurity trends will shape 2024? To find out, we asked Tenable experts to read the tea leaves. Their 2024 forecasts include: A bigger security role for cloud architects; a focus by ransomware gangs on OT systems in critical industries; an intensification of IAM attacks; and much more!
Cybersecurity Snapshot: U.S. Gov’t Unpacks AI Threat to Banks, as NCSC Urges OT Teams to Protect Cloud SCADA Systems
March 29, 2024Check out new guidance for banks on combating AI-boosted fraud. Plus, how to cut cyber risk when migrating SCADA systems to the cloud. Meanwhile, why CISA is fed up with SQLi flaws. And best practices to prevent and respond to DDoS attacks. And much more!
Enhancing Transportation Cybersecurity and Fleet Management for the DoD
March 25, 2024Few things can halt operations across the Department of Defense like a critical failure of logistics and transportation. From automated asset inventory to malicious-activity detections through baselining, learn how Tenable OT Security can protect these critical functions within the DoD and work towards the federal government’s zero trust mandate in OT environments.
Cybersecurity Snapshot: NSA Picks Top Cloud Security Practices, while CNCF Looks at How Cloud Native Can Facilitate AI Adoption
March 22, 2024Check out the NSA’s 10 key best practices for securing cloud environments. Plus, learn how cloud native computing could help streamline your AI deployments. Meanwhile, don’t miss the latest about cyberthreats against water treatment plants and critical infrastructure in general. And much more!
- Active Directory
- Announcements
- Risk-based Vulnerability Management
- Security auditing
- Threat Intelligence
- Threat Management
- Vulnerability Management
- Vulnerability Scanning